forked from community/device-mgt-core
Merge branch 'master' of https://github.com/wso2/carbon-device-mgt
commit
9d5f2af7e9
@ -0,0 +1,152 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>certificate-mgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<packaging>bundle</packaging>
|
||||
<name>WSO2 Carbon - Certificate Management Core</name>
|
||||
<description>WSO2 Carbon - Certificate Management Core</description>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-scr-plugin</artifactId>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-bundle-plugin</artifactId>
|
||||
<version>1.4.0</version>
|
||||
<extensions>true</extensions>
|
||||
<configuration>
|
||||
<instructions>
|
||||
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
|
||||
<Bundle-Name>${project.artifactId}</Bundle-Name>
|
||||
<Bundle-Version>${carbon.device.mgt.version}</Bundle-Version>
|
||||
<Bundle-Description>Device Management Core Bundle</Bundle-Description>
|
||||
<Private-Package>org.wso2.carbon.certificate.mgt.core.internal</Private-Package>
|
||||
<Import-Package>
|
||||
org.osgi.framework,
|
||||
org.osgi.service.component,
|
||||
org.apache.commons.logging,
|
||||
javax.security.auth.x500,
|
||||
javax.xml.parsers,
|
||||
org.apache.commons.codec.binary,
|
||||
org.bouncycastle.asn1,
|
||||
org.bouncycastle.asn1.x500,
|
||||
org.bouncycastle.asn1.x509,
|
||||
org.bouncycastle.cert,
|
||||
org.bouncycastle.cert.jcajce,
|
||||
org.bouncycastle.cms,
|
||||
org.bouncycastle.jce.provider,
|
||||
org.bouncycastle.operator,
|
||||
org.bouncycastle.operator.jcajce,
|
||||
org.bouncycastle.pkcs,
|
||||
org.bouncycastle.util,
|
||||
org.jscep.message,
|
||||
org.jscep.transaction,
|
||||
org.w3c.dom,
|
||||
org.xml.sax
|
||||
</Import-Package>
|
||||
<Export-Package>
|
||||
!org.wso2.carbon.certificate.mgt.core.internal.*,
|
||||
org.wso2.carbon.certificate.mgt.core.dto.*,
|
||||
org.wso2.carbon.certificate.mgt.core.exception.*,
|
||||
org.wso2.carbon.certificate.mgt.core.impl.*,
|
||||
org.wso2.carbon.certificate.mgt.core.service.*,
|
||||
org.wso2.carbon.certificate.mgt.core.util.*
|
||||
</Export-Package>
|
||||
</instructions>
|
||||
</configuration>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<version>2.18</version>
|
||||
<configuration>
|
||||
<systemPropertyVariables>
|
||||
<log4j.configuration>file:src/test/resources/log4j.properties</log4j.configuration>
|
||||
</systemPropertyVariables>
|
||||
<suiteXmlFiles>
|
||||
<suiteXmlFile>src/test/resources/testng.xml</suiteXmlFile>
|
||||
</suiteXmlFiles>
|
||||
</configuration>
|
||||
</plugin>
|
||||
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.osgi</groupId>
|
||||
<artifactId>org.eclipse.osgi</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.osgi</groupId>
|
||||
<artifactId>org.eclipse.osgi.services</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.testng</groupId>
|
||||
<artifactId>testng</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon</groupId>
|
||||
<artifactId>org.wso2.carbon.logging</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcpkix-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcmail-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.code.jscep.wso2</groupId>
|
||||
<artifactId>jscep</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-codec.wso2</groupId>
|
||||
<artifactId>commons-codec</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-io.wso2</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
|
@ -0,0 +1,26 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.dto;
|
||||
|
||||
public enum CAStatus {
|
||||
|
||||
CA_CERT_FAILED,
|
||||
CA_CERT_RECEIVED,
|
||||
CA_RA_CERT_RECEIVED
|
||||
|
||||
}
|
@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.dto;
|
||||
|
||||
public class SCEPResponse {
|
||||
|
||||
private byte[] encodedResponse;
|
||||
private CAStatus resultCriteria;
|
||||
|
||||
public byte[] getEncodedResponse() {
|
||||
return encodedResponse;
|
||||
}
|
||||
|
||||
public void setEncodedResponse(byte[] encodedResponse) {
|
||||
this.encodedResponse = encodedResponse;
|
||||
}
|
||||
|
||||
public CAStatus getResultCriteria() {
|
||||
return resultCriteria;
|
||||
}
|
||||
|
||||
public void setResultCriteria(CAStatus resultCriteria) {
|
||||
this.resultCriteria = resultCriteria;
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,55 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.exception;
|
||||
|
||||
public class KeystoreException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = -8935640983869122660L;
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public KeystoreException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public KeystoreException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public KeystoreException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public KeystoreException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public KeystoreException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
}
|
@ -0,0 +1,484 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.bouncycastle.asn1.x500.X500Name;
|
||||
import org.bouncycastle.asn1.x509.KeyUsage;
|
||||
import org.bouncycastle.asn1.x509.X509Extension;
|
||||
import org.bouncycastle.cert.CertIOException;
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||
import org.bouncycastle.cert.jcajce.JcaCertStore;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
|
||||
import org.bouncycastle.cms.CMSAbsentContent;
|
||||
import org.bouncycastle.cms.CMSException;
|
||||
import org.bouncycastle.cms.CMSSignedData;
|
||||
import org.bouncycastle.cms.CMSSignedDataGenerator;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.bouncycastle.util.Store;
|
||||
import org.jscep.message.CertRep;
|
||||
import org.jscep.message.MessageDecodingException;
|
||||
import org.jscep.message.MessageEncodingException;
|
||||
import org.jscep.message.PkcsPkiEnvelopeDecoder;
|
||||
import org.jscep.message.PkcsPkiEnvelopeEncoder;
|
||||
import org.jscep.message.PkiMessage;
|
||||
import org.jscep.message.PkiMessageDecoder;
|
||||
import org.jscep.message.PkiMessageEncoder;
|
||||
import org.jscep.transaction.FailInfo;
|
||||
import org.jscep.transaction.Nonce;
|
||||
import org.jscep.transaction.TransactionId;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.DataInputStream;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.math.BigInteger;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.KeyFactory;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.Security;
|
||||
import java.security.SignatureException;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateExpiredException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.CertificateNotYetValidException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
public class CertificateGenerator {
|
||||
|
||||
private static final Log log = LogFactory.getLog(CertificateGenerator.class);
|
||||
|
||||
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException {
|
||||
|
||||
if (ca == null) {
|
||||
throw new KeystoreException("CA certificate is mandatory");
|
||||
}
|
||||
|
||||
if (ra == null) {
|
||||
throw new KeystoreException("RA certificate is mandatory");
|
||||
}
|
||||
|
||||
List<X509Certificate> certificateList = new ArrayList<X509Certificate>();
|
||||
InputStream caInputStream = null;
|
||||
InputStream raInputStream = null;
|
||||
|
||||
try {
|
||||
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
|
||||
caInputStream = new ByteArrayInputStream(ca);
|
||||
raInputStream = new ByteArrayInputStream(ra);
|
||||
|
||||
X509Certificate caCert = (X509Certificate) certificateFactory.generateCertificate(caInputStream);
|
||||
X509Certificate raCert = (X509Certificate) certificateFactory.generateCertificate(raInputStream);
|
||||
|
||||
certificateList.add(caCert);
|
||||
certificateList.add(raCert);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Error occurred while fetching root certificates";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} finally {
|
||||
if (caInputStream != null) {
|
||||
try {
|
||||
caInputStream.close();
|
||||
} catch (IOException e) {
|
||||
log.error("Error occurred when closing CA input stream");
|
||||
}
|
||||
}
|
||||
|
||||
if (raInputStream != null) {
|
||||
try {
|
||||
raInputStream.close();
|
||||
} catch (IOException e) {
|
||||
log.error("Error occurred when closing RA input stream");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return certificateList;
|
||||
}
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException {
|
||||
|
||||
CommonUtil commonUtil = new CommonUtil();
|
||||
Date validityBeginDate = commonUtil.getValidityStartDate();
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
|
||||
try {
|
||||
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(
|
||||
ConfigurationUtil.RSA, ConfigurationUtil.PROVIDER);
|
||||
keyPairGenerator.initialize(ConfigurationUtil.RSA_KEY_LENGTH, new SecureRandom());
|
||||
KeyPair pair = keyPairGenerator.generateKeyPair();
|
||||
X500Principal principal = new X500Principal(ConfigurationUtil.DEFAULT_PRINCIPAL);
|
||||
BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
|
||||
|
||||
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
|
||||
principal, serial, validityBeginDate, validityEndDate,
|
||||
principal, pair.getPublic());
|
||||
ContentSigner contentSigner = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
|
||||
.setProvider(ConfigurationUtil.PROVIDER).build(
|
||||
pair.getPrivate());
|
||||
X509Certificate certificate = new JcaX509CertificateConverter()
|
||||
.setProvider(ConfigurationUtil.PROVIDER).getCertificate(
|
||||
certificateBuilder.build(contentSigner));
|
||||
|
||||
// cert.checkValidity();
|
||||
|
||||
certificate.verify(certificate.getPublicKey());
|
||||
|
||||
saveCertInKeyStore(certificate);
|
||||
|
||||
return certificate;
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "No such algorithm found when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchProviderException e) {
|
||||
String errorMsg = "No such provider found when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (OperatorCreationException e) {
|
||||
String errorMsg = "Issue in operator creation when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateExpiredException e) {
|
||||
String errorMsg = "Certificate expired after generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateNotYetValidException e) {
|
||||
String errorMsg = "Certificate not yet valid when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (InvalidKeyException e) {
|
||||
String errorMsg = "Invalid key used when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (SignatureException e) {
|
||||
String errorMsg = "Signature related issue occurred when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public byte[] getPKIMessage(InputStream inputStream) throws KeystoreException {
|
||||
|
||||
try {
|
||||
CMSSignedData signedData = new CMSSignedData(inputStream);
|
||||
Store reqStore = signedData.getCertificates();
|
||||
@SuppressWarnings("unchecked")
|
||||
Collection<X509CertificateHolder> reqCerts = reqStore.getMatches(null);
|
||||
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
PrivateKey privateKeyRA = keyStoreReader.getRAPrivateKey();
|
||||
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
|
||||
X509Certificate certRA = (X509Certificate) keyStoreReader.getRACertificate();
|
||||
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
|
||||
|
||||
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
|
||||
X509CertificateHolder holder = reqCerts.iterator().next();
|
||||
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(holder.getEncoded());
|
||||
X509Certificate reqCert = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
|
||||
|
||||
PkcsPkiEnvelopeDecoder envelopeDecoder = new PkcsPkiEnvelopeDecoder(certRA, privateKeyRA);
|
||||
PkiMessageDecoder messageDecoder = new PkiMessageDecoder(reqCert, envelopeDecoder);
|
||||
PkiMessage<?> pkiMessage = messageDecoder.decode(signedData);
|
||||
Object msgData = pkiMessage.getMessageData();
|
||||
|
||||
Nonce senderNonce = Nonce.nextNonce();
|
||||
TransactionId transId = pkiMessage.getTransactionId();
|
||||
Nonce recipientNonce = pkiMessage.getSenderNonce();
|
||||
CertRep certRep;
|
||||
|
||||
PKCS10CertificationRequest certRequest = (PKCS10CertificationRequest) msgData;
|
||||
X509Certificate generatedCert = generateCertificateFromCSR(
|
||||
privateKeyCA, certRequest, certCA.getIssuerX500Principal().getName());
|
||||
|
||||
List<X509Certificate> issued = new ArrayList<X509Certificate>();
|
||||
issued.add(generatedCert);
|
||||
|
||||
if (issued.size() == 0) {
|
||||
certRep = new CertRep(transId, senderNonce, recipientNonce, FailInfo.badCertId);
|
||||
} else {
|
||||
CMSSignedData messageData = getMessageData(issued);
|
||||
certRep = new CertRep(transId, senderNonce, recipientNonce, messageData);
|
||||
}
|
||||
|
||||
PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(reqCert, ConfigurationUtil.DES_EDE);
|
||||
PkiMessageEncoder encoder = new PkiMessageEncoder(privateKeyRA, certRA, envEncoder);
|
||||
CMSSignedData cmsSignedData = encoder.encode(certRep);
|
||||
|
||||
return cmsSignedData.getEncoded();
|
||||
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (MessageEncodingException e) {
|
||||
String errorMsg = "Message encoding issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (MessageDecodingException e) {
|
||||
String errorMsg = "Message decoding issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CMSException e) {
|
||||
String errorMsg = "CMS issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public X509Certificate generateCertificateFromCSR(PrivateKey privateKey,
|
||||
PKCS10CertificationRequest request,
|
||||
String issueSubject)
|
||||
throws KeystoreException {
|
||||
|
||||
CommonUtil commonUtil = new CommonUtil();
|
||||
Date validityBeginDate = commonUtil.getValidityStartDate();
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
|
||||
X500Name certSubject = request.getSubject();
|
||||
|
||||
if (certSubject == null) {
|
||||
certSubject = new X500Name(ConfigurationUtil.DEFAULT_PRINCIPAL);
|
||||
} else {
|
||||
org.bouncycastle.asn1.x500.RDN[] rdn = certSubject.getRDNs();
|
||||
|
||||
if (rdn == null || rdn.length == 0) {
|
||||
certSubject = new X500Name(ConfigurationUtil.DEFAULT_PRINCIPAL);
|
||||
}
|
||||
}
|
||||
|
||||
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(
|
||||
new X500Name(issueSubject), BigInteger.valueOf(System.currentTimeMillis()),
|
||||
validityBeginDate, validityEndDate, certSubject, request.getSubjectPublicKeyInfo());
|
||||
|
||||
ContentSigner sigGen;
|
||||
X509Certificate issuedCert;
|
||||
try {
|
||||
certificateBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(
|
||||
KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
|
||||
sigGen = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
|
||||
.setProvider(ConfigurationUtil.PROVIDER).build(privateKey);
|
||||
issuedCert = new JcaX509CertificateConverter().setProvider(
|
||||
ConfigurationUtil.PROVIDER).getCertificate(
|
||||
certificateBuilder.build(sigGen));
|
||||
|
||||
saveCertInKeyStore(issuedCert);
|
||||
} catch (CertIOException e) {
|
||||
String errorMsg = "Certificate Input output issue occurred when generating generateCertificateFromCSR";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (OperatorCreationException e) {
|
||||
String errorMsg = "Operator creation issue occurred when generating generateCertificateFromCSR";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating generateCertificateFromCSR";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
return issuedCert;
|
||||
}
|
||||
|
||||
private CMSSignedData getMessageData(final List<X509Certificate> certs) throws KeystoreException {
|
||||
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
JcaCertStore store;
|
||||
try {
|
||||
store = new JcaCertStore(certs);
|
||||
generator.addCertificates(store);
|
||||
|
||||
return generator.generate(new CMSAbsentContent());
|
||||
} catch (CertificateEncodingException e) {
|
||||
String errorMsg = "Certificate encoding issue occurred when generating getMessageData";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CMSException e) {
|
||||
String errorMsg = "Message decoding issue occurred when generating getMessageData";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
private PrivateKey getSignerKey(String signerPrivateKeyPath) throws KeystoreException {
|
||||
|
||||
File file = new File(signerPrivateKeyPath);
|
||||
FileInputStream fis;
|
||||
|
||||
try {
|
||||
fis = new FileInputStream(file);
|
||||
DataInputStream dis = new DataInputStream(fis);
|
||||
byte[] keyBytes = new byte[(int) file.length()];
|
||||
dis.readFully(keyBytes);
|
||||
dis.close();
|
||||
|
||||
String temp = new String(keyBytes);
|
||||
String privateKeyPEM = temp.replace(
|
||||
ConfigurationUtil.RSA_PRIVATE_KEY_BEGIN_TEXT, ConfigurationUtil.EMPTY_TEXT);
|
||||
privateKeyPEM = privateKeyPEM
|
||||
.replace(ConfigurationUtil.RSA_PRIVATE_KEY_END_TEXT, ConfigurationUtil.EMPTY_TEXT);
|
||||
|
||||
byte[] decoded = Base64.decodeBase64(privateKeyPEM);
|
||||
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(decoded);
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(ConfigurationUtil.RSA);
|
||||
|
||||
return keyFactory.generatePrivate(encodedKeySpec);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "Private key file not found in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not not found in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (InvalidKeySpecException e) {
|
||||
String errorMsg = "Invalid key found in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
private X509Certificate getSigner(String signerCertificatePath) throws KeystoreException {
|
||||
|
||||
X509Certificate certificate;
|
||||
try {
|
||||
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
|
||||
certificate = (X509Certificate) certificateFactory.generateCertificate(
|
||||
new FileInputStream(signerCertificatePath));
|
||||
|
||||
return certificate;
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate related issue occurred in getSigner";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "Signer certificate path not found in getSigner";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public SCEPResponse getCACert() throws KeystoreException {
|
||||
|
||||
try {
|
||||
SCEPResponse scepResponse = new SCEPResponse();
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
|
||||
byte[] caBytes = keyStoreReader.getCACertificate().getEncoded();
|
||||
byte[] raBytes = keyStoreReader.getRACertificate().getEncoded();
|
||||
|
||||
final List<X509Certificate> certs = getRootCertificates(caBytes, raBytes);
|
||||
|
||||
byte[] bytes;
|
||||
if (certs.size() == 0) {
|
||||
scepResponse.setResultCriteria(CAStatus.CA_CERT_FAILED);
|
||||
bytes = new byte[0];
|
||||
} else if (certs.size() == 1) {
|
||||
scepResponse.setResultCriteria(CAStatus.CA_CERT_RECEIVED);
|
||||
bytes = certs.get(0).getEncoded();
|
||||
} else {
|
||||
scepResponse.setResultCriteria(CAStatus.CA_RA_CERT_RECEIVED);
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
JcaCertStore store = new JcaCertStore(certs);
|
||||
generator.addCertificates(store);
|
||||
CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
|
||||
bytes = degenerateSd.getEncoded();
|
||||
}
|
||||
scepResponse.setEncodedResponse(bytes);
|
||||
|
||||
return scepResponse;
|
||||
} catch (CertificateEncodingException e) {
|
||||
String errorMsg = "Certificate encoding issue occurred in getCACert";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CMSException e) {
|
||||
String errorMsg = "CMS issue occurred in getCACert";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred in getCACert";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
private void saveCertInKeyStore(X509Certificate certificate) throws KeystoreException {
|
||||
|
||||
if (certificate == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
KeyStore keyStore = keyStoreReader.loadCertificateKeyStore();
|
||||
keyStore.setCertificateEntry(certificate.getSerialNumber().toString(), certificate);
|
||||
|
||||
keyStoreReader.saveCertificateKeyStore(keyStore);
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeySKeyStoreException occurred when saving the generated certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,235 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.UnrecoverableKeyException;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateException;
|
||||
|
||||
public class KeyStoreReader {
|
||||
|
||||
private static final Log log = LogFactory.getLog(KeyStoreReader.class);
|
||||
|
||||
private KeyStore loadKeyStore(String configEntryKeyStoreType, String configEntryKeyStorePath,
|
||||
String configEntryKeyStorePassword) throws KeystoreException {
|
||||
|
||||
InputStream inputStream = null;
|
||||
KeyStore keystore;
|
||||
|
||||
try {
|
||||
keystore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(configEntryKeyStoreType));
|
||||
inputStream = new FileInputStream(ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
|
||||
keystore.load(inputStream, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
|
||||
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "KeyStore file not found when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "CertificateException when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} finally {
|
||||
try {
|
||||
if (inputStream != null) {
|
||||
inputStream.close();
|
||||
}
|
||||
} catch (IOException e) {
|
||||
log.error("Error closing KeyStore input stream", e);
|
||||
}
|
||||
}
|
||||
|
||||
return keystore;
|
||||
}
|
||||
|
||||
private synchronized void saveKeyStore(KeyStore keyStore, String configEntryKeyStorePath,
|
||||
String configEntryKeyStorePassword) throws KeystoreException {
|
||||
|
||||
FileOutputStream outputStream = null;
|
||||
|
||||
try {
|
||||
outputStream = new FileOutputStream(
|
||||
ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
|
||||
keyStore.store(outputStream, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
|
||||
outputStream.close();
|
||||
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "KeyStore file not found when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "CertificateException when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} finally {
|
||||
try {
|
||||
if (outputStream != null) {
|
||||
outputStream.close();
|
||||
}
|
||||
} catch (IOException e) {
|
||||
log.error("Error closing KeyStore output stream", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
KeyStore loadCertificateKeyStore() throws KeystoreException {
|
||||
return loadKeyStore(ConfigurationUtil.CERTIFICATE_KEYSTORE, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
|
||||
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
|
||||
}
|
||||
|
||||
void saveCertificateKeyStore(KeyStore keyStore) throws KeystoreException {
|
||||
saveKeyStore(keyStore, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
|
||||
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
|
||||
}
|
||||
|
||||
public Certificate getCACertificate() throws KeystoreException {
|
||||
|
||||
KeyStore keystore = loadCertificateKeyStore();
|
||||
Certificate caCertificate;
|
||||
|
||||
try {
|
||||
caCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS));
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (caCertificate == null) {
|
||||
throw new KeystoreException("CA certificate not found in KeyStore");
|
||||
}
|
||||
|
||||
return caCertificate;
|
||||
}
|
||||
|
||||
PrivateKey getCAPrivateKey() throws KeystoreException {
|
||||
|
||||
KeyStore keyStore = loadCertificateKeyStore();
|
||||
PrivateKey caPrivateKey;
|
||||
try {
|
||||
caPrivateKey = (PrivateKey) (keyStore.getKey(
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS),
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_CA_CERT_PRIV_PASSWORD).toCharArray()));
|
||||
} catch (UnrecoverableKeyException e) {
|
||||
String errorMsg = "Key is unrecoverable when retrieving CA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when retrieving CA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when retrieving CA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (caPrivateKey == null) {
|
||||
throw new KeystoreException("CA private key not found in KeyStore");
|
||||
}
|
||||
|
||||
return caPrivateKey;
|
||||
}
|
||||
|
||||
public Certificate getRACertificate() throws KeystoreException {
|
||||
|
||||
KeyStore keystore = loadCertificateKeyStore();
|
||||
Certificate raCertificate;
|
||||
try {
|
||||
raCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS));
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (raCertificate == null) {
|
||||
throw new KeystoreException("RA certificate not found in KeyStore");
|
||||
}
|
||||
|
||||
return raCertificate;
|
||||
}
|
||||
|
||||
PrivateKey getRAPrivateKey() throws KeystoreException {
|
||||
|
||||
KeyStore keystore = loadCertificateKeyStore();
|
||||
PrivateKey raPrivateKey;
|
||||
try {
|
||||
raPrivateKey = (PrivateKey) (keystore.getKey(
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS),
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_RA_CERT_PRIV_PASSWORD).toCharArray()));
|
||||
} catch (UnrecoverableKeyException e) {
|
||||
String errorMsg = "Key is unrecoverable when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (raPrivateKey == null) {
|
||||
throw new KeystoreException("RA private key not found in KeyStore");
|
||||
}
|
||||
|
||||
return raPrivateKey;
|
||||
}
|
||||
}
|
@ -0,0 +1,58 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.internal;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.osgi.framework.BundleContext;
|
||||
import org.osgi.service.component.ComponentContext;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
|
||||
|
||||
/**
|
||||
* @scr.component name="org.wso2.carbon.certificate.mgt" immediate="true"
|
||||
*/
|
||||
public class CertificateManagementServiceComponent {
|
||||
|
||||
private static Log log = LogFactory.getLog(CertificateManagementServiceComponent.class);
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
protected void activate(ComponentContext componentContext) {
|
||||
try {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Initializing certificate management core bundle");
|
||||
}
|
||||
|
||||
BundleContext bundleContext = componentContext.getBundleContext();
|
||||
bundleContext.registerService(CertificateManagementService.class.getName(),
|
||||
CertificateManagementServiceImpl.getInstance(), null);
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Certificate management core bundle has been successfully initialized");
|
||||
}
|
||||
} catch (Throwable e) {
|
||||
log.error("Error occurred while initializing certificate management core bundle", e);
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
protected void deactivate(ComponentContext componentContext) {
|
||||
//do nothing
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,49 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.service;
|
||||
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
|
||||
import java.io.InputStream;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.List;
|
||||
|
||||
public interface CertificateManagementService {
|
||||
|
||||
Certificate getCACertificate() throws KeystoreException;
|
||||
|
||||
Certificate getRACertificate() throws KeystoreException;
|
||||
|
||||
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException;
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException;
|
||||
|
||||
public SCEPResponse getCACertSCEP() throws KeystoreException;
|
||||
|
||||
public byte[] getCACapsSCEP();
|
||||
|
||||
public byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException;
|
||||
|
||||
public X509Certificate generateCertificateFromCSR(PrivateKey privateKey,
|
||||
PKCS10CertificationRequest request,
|
||||
String issueSubject) throws KeystoreException;
|
||||
}
|
@ -0,0 +1,87 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.service;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
|
||||
import java.io.InputStream;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.List;
|
||||
|
||||
public class CertificateManagementServiceImpl implements CertificateManagementService {
|
||||
|
||||
private static final Log log = LogFactory.getLog(CertificateManagementServiceImpl.class);
|
||||
private static CertificateManagementServiceImpl certificateManagementServiceImpl;
|
||||
private static KeyStoreReader keyStoreReader;
|
||||
private static CertificateGenerator certificateGenerator;
|
||||
|
||||
private CertificateManagementServiceImpl() {}
|
||||
|
||||
public static CertificateManagementServiceImpl getInstance() {
|
||||
|
||||
if (certificateManagementServiceImpl == null) {
|
||||
certificateManagementServiceImpl = new CertificateManagementServiceImpl();
|
||||
keyStoreReader = new KeyStoreReader();
|
||||
certificateGenerator = new CertificateGenerator();
|
||||
}
|
||||
return certificateManagementServiceImpl;
|
||||
}
|
||||
|
||||
public Certificate getCACertificate() throws KeystoreException {
|
||||
return keyStoreReader.getCACertificate();
|
||||
}
|
||||
|
||||
public Certificate getRACertificate() throws KeystoreException {
|
||||
return keyStoreReader.getRACertificate();
|
||||
}
|
||||
|
||||
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException {
|
||||
return certificateGenerator.getRootCertificates(ca, ra);
|
||||
}
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException {
|
||||
return certificateGenerator.generateX509Certificate();
|
||||
}
|
||||
|
||||
public SCEPResponse getCACertSCEP() throws KeystoreException {
|
||||
return certificateGenerator.getCACert();
|
||||
}
|
||||
|
||||
public byte[] getCACapsSCEP() {
|
||||
return ConfigurationUtil.POST_BODY_CA_CAPS.getBytes();
|
||||
}
|
||||
|
||||
public byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException {
|
||||
return certificateGenerator.getPKIMessage(inputStream);
|
||||
}
|
||||
|
||||
public X509Certificate generateCertificateFromCSR(PrivateKey privateKey,
|
||||
PKCS10CertificationRequest request,
|
||||
String issueSubject) throws KeystoreException {
|
||||
return certificateGenerator.generateCertificateFromCSR(privateKey, request, issueSubject);
|
||||
}
|
||||
}
|
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
|
||||
public class CommonUtil {
|
||||
|
||||
public Date getValidityStartDate() {
|
||||
Date targetDate = new Date();
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(targetDate);
|
||||
calendar.add(Calendar.DATE, -2);
|
||||
|
||||
return calendar.getTime();
|
||||
}
|
||||
|
||||
public Date getValidityEndDate() {
|
||||
Date targetDate = new Date();
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(targetDate);
|
||||
calendar.add(Calendar.YEAR, 100);
|
||||
|
||||
return calendar.getTime();
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,137 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.w3c.dom.Document;
|
||||
import org.w3c.dom.NodeList;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.xml.sax.SAXException;
|
||||
import javax.xml.parsers.DocumentBuilder;
|
||||
import javax.xml.parsers.DocumentBuilderFactory;
|
||||
import javax.xml.parsers.ParserConfigurationException;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
public class ConfigurationUtil {
|
||||
|
||||
public static final String PATH_CERTIFICATE_KEYSTORE = "CertificateKeystoreLocation";
|
||||
public static final String CERTIFICATE_KEYSTORE_PASSWORD = "CertificateKeystorePassword";
|
||||
public static final String KEYSTORE_CA_CERT_PRIV_PASSWORD = "CAPrivateKeyPassword";
|
||||
public static final String KEYSTORE_RA_CERT_PRIV_PASSWORD = "RAPrivateKeyPassword";
|
||||
public static final String CA_CERT_ALIAS = "CACertAlias";
|
||||
public static final String RA_CERT_ALIAS = "RACertAlias";
|
||||
public static final String SIGNATUREALGO = "SHA1withRSA";
|
||||
public static final String PROVIDER = "BC";
|
||||
public static final String KEYSTORE = "Type";
|
||||
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
|
||||
public static final String RSA = "RSA";
|
||||
public static final String UTF_8 = "UTF-8";
|
||||
public static final String SHA256_RSA = "SHA256WithRSAEncryption";
|
||||
public static final String X_509 = "X.509";
|
||||
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
|
||||
public static final String DES_EDE = "DESede";
|
||||
public static final String CONF_LOCATION = "conf.location";
|
||||
private static final String CARBON_HOME = "carbon.home";
|
||||
private static final String CERTIFICATE_CONFIG_XML = "certificate-config.xml";
|
||||
private static final String CARBON_HOME_ENTRY = "${carbon.home}";
|
||||
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
|
||||
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
|
||||
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
|
||||
public static final String EMPTY_TEXT = "";
|
||||
public static final int RSA_KEY_LENGTH = 1024;
|
||||
|
||||
|
||||
private static ConfigurationUtil configurationUtil;
|
||||
private static final String[] certificateConfigEntryNames = { CA_CERT_ALIAS, RA_CERT_ALIAS,
|
||||
CERTIFICATE_KEYSTORE, PATH_CERTIFICATE_KEYSTORE, CERTIFICATE_KEYSTORE_PASSWORD,
|
||||
KEYSTORE_CA_CERT_PRIV_PASSWORD, KEYSTORE_RA_CERT_PRIV_PASSWORD };
|
||||
|
||||
private static Map<String, String> configMap;
|
||||
|
||||
private static Map<String, String> readCertificateConfigurations() throws KeystoreException {
|
||||
|
||||
String certConfLocation = System.getProperty(CONF_LOCATION) + File.separator + CERTIFICATE_CONFIG_XML;
|
||||
|
||||
if (configurationUtil == null || configMap == null) {
|
||||
|
||||
configurationUtil = new ConfigurationUtil();
|
||||
configMap = new HashMap<String, String>();
|
||||
|
||||
Document document;
|
||||
try {
|
||||
File fXmlFile = new File(certConfLocation);
|
||||
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
|
||||
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
|
||||
document = documentBuilder.parse(fXmlFile);
|
||||
} catch (ParserConfigurationException e) {
|
||||
throw new KeystoreException("Error parsing configuration in certificate-config.xml file");
|
||||
} catch (SAXException e) {
|
||||
throw new KeystoreException("SAX exception in certificate-config.xml file");
|
||||
} catch (IOException e) {
|
||||
throw new KeystoreException("Error reading certificate-config.xml file");
|
||||
}
|
||||
|
||||
for (String configEntry : certificateConfigEntryNames) {
|
||||
NodeList elements = document.getElementsByTagName(configEntry);
|
||||
if (elements != null && elements.getLength() > 0) {
|
||||
configMap.put(configEntry, elements.item(0).getTextContent());
|
||||
}
|
||||
}
|
||||
|
||||
String certKeyStoreLocation = replaceCarbonHomeEnvEntry(configMap.get(PATH_CERTIFICATE_KEYSTORE));
|
||||
if (certKeyStoreLocation != null) {
|
||||
configMap.put(PATH_CERTIFICATE_KEYSTORE, certKeyStoreLocation);
|
||||
}
|
||||
}
|
||||
|
||||
return configMap;
|
||||
}
|
||||
|
||||
public static String getConfigEntry(final String entry) throws KeystoreException {
|
||||
|
||||
Map<String, String> configurationMap = readCertificateConfigurations();
|
||||
String configValue = configurationMap.get(entry);
|
||||
|
||||
if (configValue == null) {
|
||||
throw new KeystoreException(String.format("Configuration entry %s not available", entry));
|
||||
}
|
||||
|
||||
return configValue.trim();
|
||||
}
|
||||
|
||||
private static String replaceCarbonHomeEnvEntry(String entry) {
|
||||
if (entry != null && entry.toLowerCase().contains(CARBON_HOME_ENTRY)) {
|
||||
return entry.replace(CARBON_HOME_ENTRY, System.getProperty(CARBON_HOME));
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public static ConfigurationUtil getInstance() {
|
||||
if (configurationUtil == null) {
|
||||
synchronized (ConfigurationUtil.class) {
|
||||
if (configurationUtil == null) {
|
||||
configurationUtil = new ConfigurationUtil();
|
||||
}
|
||||
}
|
||||
}
|
||||
return configurationUtil;
|
||||
}
|
||||
}
|
@ -0,0 +1,103 @@
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.List;
|
||||
|
||||
public class CertificateGeneratorTestSuite {
|
||||
|
||||
private static Log log = LogFactory.getLog(CertificateGeneratorTestSuite.class);
|
||||
private static final String CA_CERT_PEM = "src/test/resources/ca_cert.pem";
|
||||
private static final String RA_CERT_PEM = "src/test/resources/ra_cert.pem";
|
||||
private static final String CA_PRIVATE_KEY_PATH = "src/test/resources/ca_private.key";
|
||||
private static final String CERTIFICATE_CONFIG_PATH = "src/test/resources/certificate-config.xml";
|
||||
private final CertificateGenerator certificateGenerator = new CertificateGenerator();
|
||||
|
||||
@Test
|
||||
public void testGetRootCertificates() {
|
||||
try {
|
||||
File caPemFile = new File(CA_CERT_PEM);
|
||||
File raPemFile = new File(RA_CERT_PEM);
|
||||
|
||||
byte[] ca = FileUtils.readFileToByteArray(caPemFile);
|
||||
byte[] ra = FileUtils.readFileToByteArray(raPemFile);
|
||||
|
||||
List<X509Certificate> rootCertificates = certificateGenerator.getRootCertificates(ca, ra);
|
||||
Assert.assertNotNull(rootCertificates, "Root certificates retrieved");
|
||||
|
||||
Assert.assertEquals(rootCertificates.get(0).getType(), ConfigurationUtil.X_509);
|
||||
Assert.assertEquals(rootCertificates.get(1).getType(), ConfigurationUtil.X_509);
|
||||
} catch (IOException e) {
|
||||
Assert.fail("Error reading byte streams for CA and RA ", e);
|
||||
} catch (KeystoreException e) {
|
||||
Assert.fail("Error retrieving root certificates ", e);
|
||||
}
|
||||
}
|
||||
|
||||
// @Test
|
||||
// public void testGenerateX509Certificate() {
|
||||
// try {
|
||||
// System.setProperty(ConfigurationUtil.CONF_LOCATION, CERTIFICATE_CONFIG_PATH);
|
||||
// X509Certificate certificate = certificateGenerator.generateX509Certificate();
|
||||
//
|
||||
// Assert.assertNotNull(certificate, "Certificate received");
|
||||
// Assert.assertEquals(certificate.getType(), ConfigurationUtil.X_509);
|
||||
// } catch (KeystoreException e) {
|
||||
// Assert.fail("Error occurred while generating X509 certificate ", e);
|
||||
// }
|
||||
// }
|
||||
|
||||
// @Test
|
||||
// public void testGetPKIMessage() {
|
||||
// try {
|
||||
// byte[] pkiMessage = certificateGenerator.getPKIMessage(null);
|
||||
// } catch (IOSEnrollmentException e) {
|
||||
// Assert.fail("Error occurred while retrieving PKI Message ", e);
|
||||
// }
|
||||
// }
|
||||
|
||||
// @Test
|
||||
// public void testGenerateCertificateFromCSR() {
|
||||
// try {
|
||||
// X509Certificate certificate = certificateGenerator.generateX509Certificate();
|
||||
//
|
||||
// Assert.assertNotNull(certificate, "Certificate received");
|
||||
// Assert.assertEquals(certificate.getType(), ConfigurationUtil.X_509);
|
||||
// } catch (KeystoreException e) {
|
||||
// Assert.fail("Error occurred while generating certificate from CSR ", e);
|
||||
// }
|
||||
// }
|
||||
|
||||
// @Test
|
||||
// public void testGetSignerKey() {
|
||||
// try {
|
||||
// PrivateKey privateKey = certificateGenerator.getSignerKey(CA_PRIVATE_KEY_PATH);
|
||||
//
|
||||
// Assert.assertNotNull(privateKey, "Private key received");
|
||||
// Assert.assertEquals(privateKey.getAlgorithm(), ConfigurationUtil.RSA);
|
||||
// } catch (KeystoreException e) {
|
||||
// Assert.fail("Error occurred while generating certificate ", e);
|
||||
// }
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void testGetSigner() {
|
||||
// try {
|
||||
// X509Certificate certificate = certificateGenerator.getSigner(CA_CERT_PEM);
|
||||
//
|
||||
// Assert.assertNotNull(certificate, "Certificate received");
|
||||
// Assert.assertEquals(certificate.getType(), ConfigurationUtil.X_509);
|
||||
// } catch (KeystoreException e) {
|
||||
// Assert.fail("Error while retrieving certificate ", e);
|
||||
// }
|
||||
// }
|
||||
}
|
@ -0,0 +1,38 @@
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
public class CommonUtilTestSuite {
|
||||
|
||||
private static Log log = LogFactory.getLog(CommonUtilTestSuite.class);
|
||||
private final CommonUtil commonUtil = new CommonUtil();
|
||||
|
||||
@Test
|
||||
public void testValidityStartDate() {
|
||||
Date validityStartDate = commonUtil.getValidityStartDate();
|
||||
|
||||
if(validityStartDate == null) {
|
||||
Assert.fail("Validity start date is empty");
|
||||
}
|
||||
|
||||
Date todayDate = new Date();
|
||||
Assert.assertTrue(validityStartDate.before(todayDate), "Validity start date is valid");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidityEndDate() {
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
|
||||
if(validityEndDate == null) {
|
||||
Assert.fail("Validity end date is empty");
|
||||
}
|
||||
|
||||
Date todayDate = new Date();
|
||||
Assert.assertTrue(validityEndDate.after(todayDate), "Validity end date is valid");
|
||||
}
|
||||
}
|
@ -0,0 +1,34 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIF+zCCA+OgAwIBAgIJAJE458QXNuiLMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
|
||||
VQQGEwJVUzENMAsGA1UECBMEVGVzdDENMAsGA1UEBxMEVGVzdDERMA8GA1UEChMI
|
||||
VGVzdCBPcmcxFjAUBgNVBAsTDVRlc3Qgb3JnIHVuaXQxFTATBgNVBAMTDFdTTzIg
|
||||
Um9vdCBDQTEcMBoGCSqGSIb3DQEJARYNcm9vdEB3c28yLmNvbTAeFw0xNTAxMjcx
|
||||
MjUxMjRaFw0xNzEwMjMxMjUxMjRaMIGLMQswCQYDVQQGEwJVUzENMAsGA1UECBME
|
||||
VGVzdDENMAsGA1UEBxMEVGVzdDERMA8GA1UEChMIVGVzdCBPcmcxFjAUBgNVBAsT
|
||||
DVRlc3Qgb3JnIHVuaXQxFTATBgNVBAMTDFdTTzIgUm9vdCBDQTEcMBoGCSqGSIb3
|
||||
DQEJARYNcm9vdEB3c28yLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
|
||||
ggIBANJ756zjlkNKJf9O80qwFWxlwr4vOa80oaGXaO8Luj8ZNb7zyGATppTmZi2b
|
||||
rRVfNPGHhN/0REb5+Gcf0xvk1b5Wp4E+JoDKfZMwOVQsMVmKYHqopgiiE28L/YoN
|
||||
d0XmZA0J03nfQ4rzYggwQX7oRsW/AptkdURV4i8xD3SsqDGDZyYxQVDkj55nrweE
|
||||
d5FWOnYvvpdbFJ4WanJmGe1WRtLMJ0jFi7tw9Wc7W/5+fvIA9bvHDHoG1VlfyjQU
|
||||
SvTLlAN7Ui0ztXTcOZuN3HI0putMQRyaAD7Ljl7E1ROiqMhN/z80Bck8Yi7ELOmq
|
||||
+cJOir/4CAamj8SugZ0iXo922slrSemWL9tjNT7MFmjFXmgIfVmaJF7OxKyxHhO8
|
||||
gJKTlU2KSJJH2CzMwnGdRFrDlsAotVjGLYFWHUN4HW2uA2crEEmk+UduwnVMazqU
|
||||
wBFxv+INf0U55bsXTv7C3L06IUaTBvxhxKQmzj9BeQGwWAC2Co4s5riT2ttivSRl
|
||||
XijPIEDTfmvE/fjj4KfQQOTY3+EejacMe6gb/qVsCZ1g9Tbk7WLgjYHBuOQSAz3l
|
||||
wPPqPY+6CakeL29wWyPg7pGzR6lMcYItUdHJuNsTijs0x6Xi1O5iIuL2o0vl8FRH
|
||||
+tZFm3ujtCIHprjUgcn6aOR9Ms/NkUJCziKKAb4KoohNFgr/AgMBAAGjYDBeMB0G
|
||||
A1UdDgQWBBSDhLDYVCYhJsxvK1ZNV05qGGVajjAfBgNVHSMEGDAWgBSDhLDYVCYh
|
||||
JsxvK1ZNV05qGGVajjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjANBgkq
|
||||
hkiG9w0BAQUFAAOCAgEAykqOsxHV43Bx24+7DfxLNYyafBayHacQ4uwtldwexyQB
|
||||
fIyJKjhzZUSvl37zhFPhJRJHogFIds+FoqaQsF8PvI/YSKs3UYRhje2mJan79lEA
|
||||
rCd+3zDGmzQhmutVo7C1bCQuujV8YLIJGvvcnMcHnMLpc5CfjzmI2C6qMZ5XgpHx
|
||||
/Mhindllqr0ZVvqRive0A2svW1k47XWB7BIfx/aoZ1viPHDNYVuYZ6j/NAFv8/Fu
|
||||
3n/TfYOJ5rz0NPGHYXnmFcgGxtYTu5u6Q9YVdDLZv9lqYbMRSdiQ8SVDzwxft9N5
|
||||
g6/VoXLoMpCS7/6jR3J0GbG2r/vr024QMOHDZHQDjkAVUBni6/bRHqj389RnOXhQ
|
||||
+TSlx/hGgtdTpZRv63PjAqTCdDAhazWAgG/W+dxUhAywiOYHeXincuuDER0ypkfG
|
||||
caUvbN9/mWtGJvtW+L9OlTj3LQlXD2ORehz5itS3eV0DVkscCOLzzkVLtIJeew1o
|
||||
RmiADNOUe5A6V0cW5HIFi9F7Recqv9lGphwQeq+2cmvUKkSPcx+Z/SHTT/nIOioq
|
||||
xxafJhci5dAEsPgtzxnA6QqPQtxOj46aZxQh5+hzZ/1CQq3UThDdQreJL51c+NOS
|
||||
ZFQh6YVpJH6ZdSldBJnHjbS7RL/bv2kl1Pmv808T+iG+GpDw2XljwsI6TL8ACok=
|
||||
-----END CERTIFICATE-----
|
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKgIBAAKCAgEA0nvnrOOWQ0ol/07zSrAVbGXCvi85rzShoZdo7wu6Pxk1vvPI
|
||||
YBOmlOZmLZutFV808YeE3/RERvn4Zx/TG+TVvlangT4mgMp9kzA5VCwxWYpgeqim
|
||||
CKITbwv9ig13ReZkDQnTed9DivNiCDBBfuhGxb8Cm2R1RFXiLzEPdKyoMYNnJjFB
|
||||
UOSPnmevB4R3kVY6di++l1sUnhZqcmYZ7VZG0swnSMWLu3D1Zztb/n5+8gD1u8cM
|
||||
egbVWV/KNBRK9MuUA3tSLTO1dNw5m43ccjSm60xBHJoAPsuOXsTVE6KoyE3/PzQF
|
||||
yTxiLsQs6ar5wk6Kv/gIBqaPxK6BnSJej3bayWtJ6ZYv22M1PswWaMVeaAh9WZok
|
||||
Xs7ErLEeE7yAkpOVTYpIkkfYLMzCcZ1EWsOWwCi1WMYtgVYdQ3gdba4DZysQSaT5
|
||||
R27CdUxrOpTAEXG/4g1/RTnluxdO/sLcvTohRpMG/GHEpCbOP0F5AbBYALYKjizm
|
||||
uJPa22K9JGVeKM8gQNN+a8T9+OPgp9BA5Njf4R6Npwx7qBv+pWwJnWD1NuTtYuCN
|
||||
gcG45BIDPeXA8+o9j7oJqR4vb3BbI+DukbNHqUxxgi1R0cm42xOKOzTHpeLU7mIi
|
||||
4vajS+XwVEf61kWbe6O0IgemuNSByfpo5H0yz82RQkLOIooBvgqiiE0WCv8CAwEA
|
||||
AQKCAgBAyt+AOvawdAzKULVX0mhl29Vc0hDBvEPdCEzG+Sc18T64LzcJTENFJr9h
|
||||
XsCjCZG0n/DpN7ok1yH+LK/BsGmTk/0wLb+QecS6IGglXw058PzOBUhG9A1ja596
|
||||
dba3j7pQwSuWIoIaLd2Jg8FFnZ7blHbq+ruWc5GS0Vleox+LTlXcTeE7U4BaVLRu
|
||||
bfqYhKCubPgQg3sPRvsxh/iHNL3MegfFwPnIk3cXdhBVgP725BDA4v8WOTBHuNL3
|
||||
wR9px5kikT20qGw9MuWQ2tR3W3neiLSqZ0WYDvUeexzUVIf8UPY3sH3vemUG3GCu
|
||||
9XC4vZC8k091LKSo+MbxZfkR1JZ4R2CEMcFJaz/jc6VN2bTOWuWWczReOzq0Xx7P
|
||||
GbsmcQNBhY8qBoz+cOWifxBWZzKSWfcNMgwnNyAKlDrOehpp+gZ1yH7dk9fL/wrE
|
||||
jSEEnhq4SVDeGEOo7gEi17Px8/256PKwQB4wELPBwODBslPzJ0PPDKk4mxBq3JQP
|
||||
EJKnBhu15KGJuoUZ42GcYSn55Zu/Rujqhn9cWbwhq0KrExwVI3EWnd89dYv360Mu
|
||||
RskqPTuEpAUOUCQPIUT0p3f1PBgML6L5HxjJDUt6n2N8Y1xT8sKF6FKnbvdizcqz
|
||||
v0+xdBk0xpSoazHzH1lnia3fZ6EPzMPHbLrz4ga0eUdaGwbSEQKCAQEA6sUljKKH
|
||||
7EsKsXaQ6igqQ2TkZWTu+xqRlFjb2tTmyHt99O4w3L45ae0la7ApygTRFHs3z9XB
|
||||
ws12bVkXdA35txKk97SNmWDrZbxpswHmTSnrOLGD2VFD4J/YifuBkT8K7PEJno9U
|
||||
Ewi70RHGQEFfL3VL1TOa2WnJELOLkzoCkBL/NaVawtbK7O7KIrCu3jFCq3zu+uku
|
||||
XVHTzXi+gr+uknGraxKcyLhCu6/7Uot+uYrtCzFsk4vTs2bovWuL2KLi/MAP8x3K
|
||||
FcNNj2SPr+PzwzlqthiW/rtZjg7MFMdN9RAhImjbIJt3svzWsB4nr7VQxHYStfFJ
|
||||
xIwbFp233qFKjQKCAQEA5YSK9L9o4LRDilwCz3p1tZ1tgY9tMUbG2wx0dG9xrETY
|
||||
4yGwTPAc++Tp3aOnbO544ZpnGLBoQTgtOc1p4jyj/Md2CwlP8UfbYhEdYEN9Gn5H
|
||||
ylu1b0cRwHeO4Bfnekqk8EL0rl3KUUsAk2uKEwCBwsuxjFurMDasyoA5T5gcsa4p
|
||||
EhEF5D7t5sJb7f8hP+vMBa2yUKQT9dflF8xN7iHvxhun1qipX1AzZ341H94QbgRb
|
||||
rYdfxzBr4aa5UZe5Ls9ofQf0S3zXVEXah/Pg+3o0BppdIrtLXTWcI/yeE6L8/Ebr
|
||||
jMXLiTzd4bwWjbTijEJ/MKb/UsPQqbZsXNzMiyxuuwKCAQEAvs0xQkYJr+ohK6+Q
|
||||
AS5ZguJpmVpZu6yRKn65V/V2BvQOn1RCU/Up1kQNCKNooy4c+sdVyc0RJ5AyspYY
|
||||
sJJ3I+m8NzD/b+tMBSgGw5xEnuv1puLmpGUehF2E8Ed+uxwAdidDySD1lG6hrj4C
|
||||
4NAAWyK6WfER5abK6Y7yXdpkoNE/p0rXI8jLrZo4n872n9BrPdJQq419yAwr1i9O
|
||||
rha4+330chXzZFIUslNJL4H9oTAejN1DP/sBOCnn96KDSrK/RemWTOEmD1/mFicF
|
||||
fE8IGt78Mjhz510+YGz4Qd7lJclRFJUhmjOgKdDBbutjF7OFi9XmSQZsDJhNn6jY
|
||||
+dAeNQKCAQEAsAFpUfCq644xMRwIJ7VAKQrVnAIx+RTOj9JIR7XilPmi3OLLwORt
|
||||
RZmw4f+K99UUK+Vs5Bj7ifAbdnUYmp5oHwOSeTol7OBu0xBO17BJcpSeVwbm5rO4
|
||||
YEEO9rg+EaDGRV0DJ+fSq255vZM9Kf88gvYTbJArgeibrxqPWINMldD5u9oEC5la
|
||||
dJhdSPBaPhuDtGMUGBULHX73Nr28kT3DEsfIeKuUXvwwv0+gS5TOQp/i8fqbLzPp
|
||||
tvxUpsZUAxqYhTEhXPYaZoy+3Xze7dozpVCg1W6Nh6gB2fLyAhr+KDP2lFhmEhL0
|
||||
EBRds0Oga3De+p9FsuFo1YyIItpLnPpw2wKCAQEArUQM9k0Qprczx9sKf/YF+ulx
|
||||
tiiGyRUV7kAcrQiQAjB88wPoB/ovnW4VCI4y/mNeZGvyCWeQx9g+Ntc5BJlIlJYi
|
||||
wviyQ5Lq1OlOWQlWIkKCI2Z+s5uYKTSgZRp7VLnvKswHnxBy2Bxq3i9taP6QYlZz
|
||||
3ff/plfK3ZM6moc89wl/aQgdhWsV/WV7bKcnncM9K2N7dpKzRcZ+6iuJt9PNKo5V
|
||||
6GUYEvn04twumzgqGtYQbiq63YfHe8QLvX/j8ffGH8O0rUAIrQnrNl0n0SoE9ECU
|
||||
lUCVCXzypT+MKAeHfI4aFeWG48sdfnHPWOkyRHXWFLAwkHUVnqmYhXLpmJBtMw==
|
||||
-----END RSA PRIVATE KEY-----
|
@ -0,0 +1,19 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<CertificateConfigurations>
|
||||
<CertificateKeystore>
|
||||
<!-- Certificate Keystore file location-->
|
||||
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
|
||||
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
|
||||
<CertificateKeystoreType>JKS</CertificateKeystoreType>
|
||||
<!-- Certificate Keystore password-->
|
||||
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
|
||||
<!-- Certificate authority certificate alias -->
|
||||
<CACertAlias>cacert</CACertAlias>
|
||||
<!-- Certificate authority private key password -->
|
||||
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
|
||||
<!-- Registration authority certificate alias -->
|
||||
<RACertAlias>racert</RACertAlias>
|
||||
<!-- Registration authority private key password -->
|
||||
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
|
||||
</CertificateKeystore>
|
||||
</CertificateConfigurations>
|
@ -0,0 +1,33 @@
|
||||
#
|
||||
# Copyright 2015 WSO2, Inc. (http://wso2.com)
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
#
|
||||
# This is the log4j configuration file used by WSO2 Carbon
|
||||
#
|
||||
# IMPORTANT : Please do not remove or change the names of any
|
||||
# of the Appenders defined here. The layout pattern & log file
|
||||
# can be changed using the WSO2 Carbon Management Console, and those
|
||||
# settings will override the settings in this file.
|
||||
#
|
||||
|
||||
log4j.rootLogger=INFO, STD_OUT
|
||||
|
||||
# Redirect log messages to console
|
||||
log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender
|
||||
log4j.appender.STD_OUT.Target=System.out
|
||||
log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
|
@ -0,0 +1,33 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFqDCCA5CgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBizELMAkGA1UEBhMCVVMx
|
||||
DTALBgNVBAgTBFRlc3QxDTALBgNVBAcTBFRlc3QxETAPBgNVBAoTCFRlc3QgT3Jn
|
||||
MRYwFAYDVQQLEw1UZXN0IG9yZyB1bml0MRUwEwYDVQQDEwxXU08yIFJvb3QgQ0Ex
|
||||
HDAaBgkqhkiG9w0BCQEWDXJvb3RAd3NvMi5jb20wHhcNMTUwMTI3MTI1MzAxWhcN
|
||||
MTcxMDIzMTI1MzAxWjCBgzELMAkGA1UEBhMCVVMxGTAXBgNVBAgTEFRlc3QgUkEg
|
||||
UHJvdmluY2UxFTATBgNVBAcTDFRlc3QgUkEgQ2l0eTEUMBIGA1UEChMLVGVzdCBS
|
||||
QSBPcmcxGTAXBgNVBAsTEFRlc3QgUkEgb3JnIHVuaXQxETAPBgNVBAMTCFdTTzIg
|
||||
UkEgMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtUMgUlYYU3/TPfEe
|
||||
zNAvBaiOi/jUjfZ9IbxvMl7obDT17/5vU68TCGkZRjyfYUEiGNBisUEFWjSk/sGL
|
||||
/ofYKUAxw33cd456FLMjaJX/4Zk4y8eYB1m1GGlHejoDyjPhq8S6GDmy+PXbJr8n
|
||||
lSTROR2mQHkGwYrCreWeU4AYWzdctIFk7U2DKeIvZYSidIIjfSpDXURxrt9LPvig
|
||||
fMzr5l/WkZfjvk5S+W7rgMtpllxlEPgyDc07pNAdNSq5FB990oaUsVX8o6l6wdCw
|
||||
grYz83edPOKwZa04fsVztz2oF3ZYSGGjD3lwh0KS/jUL+awRyhMx5p/O1hySg6PP
|
||||
pJjeqRuobNTuwSAXxp3nsNSY0DkGW04pSxWoDQqhnpaqBbAf71l6ya2e3so1SHm/
|
||||
jouWSYTHncq5bmGE4AN7ZGVGZvfx84+UR8fNxJxxLo+DFFE0oJNzpPGNxILpHxgT
|
||||
V7IOII6mhfkrQk+AFQiW2Y5FXLVYv8r+SPXW8pYsjaWl971XZeM/HC3L9IZkCrrr
|
||||
a0ID5oT6vt+xTmdo4yiBqIP5TBYm+1a9YzMAy7XGtPih9k6cufMLcfzvUZdOXw9x
|
||||
3T05nM5ZtcDq0gHvUzQ7sfHTguWVnuHVEdb2ox4x2L5NzEA475fbSdXpMok9z/z7
|
||||
Xa71vIZi28InDAFBQehUlJnFtf0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNV
|
||||
HQ8EBAMCBaAwDQYJKoZIhvcNAQEFBQADggIBAAO0TwnQBMJvL8wbfsnTqAGCCHM4
|
||||
x1cpW+KgTmflPEliYGOn/dJYDz/dUowCgoj5mrSxjQ3G1/qL+9Y7E33h0tyw37vH
|
||||
YDL1p2Tn+fwmXRHrk+CHoPHNcImEfSIDWbbG7ehBR6erVfbQSZjmj4fwPkItp8rP
|
||||
nyUtXHOLpfFYoAxYkNP9+C8vpC9W/H1pj3rzmQFA1z+EZAKVV7vDAxbe6sun84nf
|
||||
YAaMSIzHx1B+XLHokgChmnZr3wV7EypBEmmKp4ITvJqK7WsIG9t1M6hI7OTPCURR
|
||||
mdy+DJtIoIUbZxHyIyC9nPcVJFkdBusnfXq4uMb0KMaWYCU8ESqZPySukF2qZ5KA
|
||||
acB+0ZhY+EGQ6QF/hB6iiUj96BlQ7XAPXFU6xUt6nRjDiJmb3vW1IEv0hpbs7PRl
|
||||
UMlbOwQk37rXpFqQc6ZW7lsxI2RmfkD4DOkQIGH3q5foVr+PEp0uSPWrFX62eBet
|
||||
1S4c/opVv6BcuUgilYABHTYxb45GfYwJAI9Qw2uQWT8DmhtVbcYu6GLYGlnRyaOC
|
||||
EPzc0z0KQTjhsgHWzi60IYBBh+fy+Z7w5X1rTTvhFOoU5J7kedGEqiBatIZmhF5t
|
||||
UFbT0u350ET5a0Kg83gu5aLwXdoIP9o7bp3XzLBMVNny2RX3tOHUA2HBe/p0h0OU
|
||||
Ggt3G6oD0gBe9pZI
|
||||
-----END CERTIFICATE-----
|
@ -0,0 +1,10 @@
|
||||
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd" >
|
||||
|
||||
<suite name="iOS-MDM-Tests">
|
||||
<test name="Operatoin Bean validation tests" preserve-order="true">
|
||||
<classes>
|
||||
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateGeneratorTestSuite"/>
|
||||
<class name="org.wso2.carbon.certificate.mgt.core.util.CommonUtil"/>
|
||||
</classes>
|
||||
</test>
|
||||
</suite>
|
Binary file not shown.
@ -0,0 +1,60 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>carbon-devicemgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>certificate-mgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<packaging>pom</packaging>
|
||||
<name>WSO2 Carbon - Certificate Management Component</name>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<modules>
|
||||
<module>org.wso2.carbon.certificate.mgt.core</module>
|
||||
</modules>
|
||||
|
||||
<build>
|
||||
<pluginManagement>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-scr-plugin</artifactId>
|
||||
<version>1.7.2</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>generate-scr-scrdescriptor</id>
|
||||
<goals>
|
||||
<goal>scr</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</pluginManagement>
|
||||
</build>
|
||||
</project>
|
@ -0,0 +1,59 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.common;
|
||||
|
||||
public class IllegalTransactionStateException extends RuntimeException {
|
||||
|
||||
private static final long serialVersionUID = -3151279331929070297L;
|
||||
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public IllegalTransactionStateException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public IllegalTransactionStateException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public IllegalTransactionStateException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public IllegalTransactionStateException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public IllegalTransactionStateException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
|
||||
|
||||
}
|
@ -0,0 +1,55 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.common.configuration.mgt;
|
||||
|
||||
public class ConfigurationManagementException extends Exception {
|
||||
private static final long serialVersionUID = -3151279311929070299L;
|
||||
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public ConfigurationManagementException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public ConfigurationManagementException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public ConfigurationManagementException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public ConfigurationManagementException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public ConfigurationManagementException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
}
|
@ -0,0 +1,45 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.common.configuration.mgt;
|
||||
|
||||
/**
|
||||
* This represents the tenant configuration management functionality which should be implemented by
|
||||
* the device type plugins.
|
||||
*/
|
||||
public interface TenantConfigurationManagementService {
|
||||
|
||||
/**
|
||||
* Method to add a operation to a device or a set of devices.
|
||||
*
|
||||
* @param tenantConfiguration Operation to be added.
|
||||
* @param resourcePath Registry resource path.
|
||||
* @throws org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException If some unusual behaviour is observed while adding the
|
||||
* configuration.
|
||||
*/
|
||||
public boolean saveConfiguration(TenantConfiguration tenantConfiguration, String resourcePath) throws ConfigurationManagementException;
|
||||
|
||||
/**
|
||||
* Method to retrieve the list of general tenant configurations.
|
||||
*
|
||||
* @param resourcePath Registry resource path.
|
||||
* @throws org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException If some unusual behaviour is observed while fetching the
|
||||
* operation list.
|
||||
*/
|
||||
public TenantConfiguration getConfiguration(String resourcePath) throws ConfigurationManagementException;
|
||||
|
||||
}
|
@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.config;
|
||||
|
||||
/**
|
||||
* This class holds the constants used throughout the configuration manager.
|
||||
*/
|
||||
public class ConfigurationManagerConstants {
|
||||
|
||||
public static final class ContentTypes {
|
||||
private ContentTypes() {
|
||||
throw new AssertionError();
|
||||
}
|
||||
|
||||
public static final String CONTENT_TYPE_ANY = "*/*";
|
||||
public static final String MEDIA_TYPE_XML = "application/xml";
|
||||
}
|
||||
|
||||
public static final class CharSets {
|
||||
private CharSets() {
|
||||
throw new AssertionError();
|
||||
}
|
||||
|
||||
public static final String CHARSET_UTF8 = "UTF8";
|
||||
}
|
||||
}
|
@ -0,0 +1,97 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.config.tenant;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.TenantConfiguration;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.TenantConfigurationManagementService;
|
||||
import org.wso2.carbon.device.mgt.core.config.ConfigurationManagerConstants;
|
||||
import org.wso2.carbon.device.mgt.core.config.util.ConfigurationManagerUtil;
|
||||
import org.wso2.carbon.registry.api.Resource;
|
||||
import org.wso2.carbon.registry.api.RegistryException;
|
||||
|
||||
import javax.xml.bind.JAXBContext;
|
||||
import javax.xml.bind.JAXBException;
|
||||
import javax.xml.bind.Marshaller;
|
||||
import javax.xml.bind.Unmarshaller;
|
||||
import java.io.StringReader;
|
||||
import java.io.StringWriter;
|
||||
import java.nio.charset.Charset;
|
||||
|
||||
/**
|
||||
* This class implements all the functionality exposed as part of the TenantConfigurationManagementService. Main usage of
|
||||
* this module is, saving/retrieving tenant configurations to the registry.
|
||||
*/
|
||||
public class TenantConfigurationManagementServiceImpl
|
||||
implements TenantConfigurationManagementService {
|
||||
|
||||
private static final Log log = LogFactory.getLog(TenantConfigurationManagementServiceImpl.class);
|
||||
|
||||
@Override
|
||||
public boolean saveConfiguration(TenantConfiguration tenantConfiguration, String resourcePath)
|
||||
throws ConfigurationManagementException {
|
||||
boolean status;
|
||||
try {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Persisting tenant configurations in Registry");
|
||||
}
|
||||
StringWriter writer = new StringWriter();
|
||||
JAXBContext context = JAXBContext.newInstance(TenantConfiguration.class);
|
||||
Marshaller marshaller = context.createMarshaller();
|
||||
marshaller.marshal(tenantConfiguration, writer);
|
||||
|
||||
Resource resource = ConfigurationManagerUtil.getConfigurationRegistry().newResource();
|
||||
resource.setContent(writer.toString());
|
||||
resource.setMediaType(ConfigurationManagerConstants.ContentTypes.MEDIA_TYPE_XML);
|
||||
ConfigurationManagerUtil.putRegistryResource(resourcePath, resource);
|
||||
status = true;
|
||||
} catch (RegistryException e) {
|
||||
throw new ConfigurationManagementException(
|
||||
"Error occurred while persisting the Registry resource of Tenant Configuration : " + e.getMessage(), e);
|
||||
} catch (JAXBException e) {
|
||||
throw new ConfigurationManagementException(
|
||||
"Error occurred while parsing the Tenant configuration : " + e.getMessage(), e);
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
@Override
|
||||
public TenantConfiguration getConfiguration(String resourcePath)
|
||||
throws ConfigurationManagementException {
|
||||
Resource resource;
|
||||
try {
|
||||
resource = ConfigurationManagerUtil.getRegistryResource(resourcePath);
|
||||
if(resource != null){
|
||||
JAXBContext context = JAXBContext.newInstance(TenantConfiguration.class);
|
||||
Unmarshaller unmarshaller = context.createUnmarshaller();
|
||||
return (TenantConfiguration) unmarshaller.unmarshal(
|
||||
new StringReader(new String((byte[]) resource.getContent(), Charset
|
||||
.forName(ConfigurationManagerConstants.CharSets.CHARSET_UTF8))));
|
||||
}
|
||||
return new TenantConfiguration();
|
||||
} catch (JAXBException e) {
|
||||
throw new ConfigurationManagementException(
|
||||
"Error occurred while parsing the Tenant configuration : " + e.getMessage(), e);
|
||||
} catch (RegistryException e) {
|
||||
throw new ConfigurationManagementException(
|
||||
"Error occurred while retrieving the Registry resource of Tenant Configuration : " + e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,70 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.config.util;
|
||||
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
|
||||
import org.wso2.carbon.registry.api.RegistryException;
|
||||
import org.wso2.carbon.registry.api.Resource;
|
||||
import org.wso2.carbon.registry.core.Registry;
|
||||
|
||||
public class ConfigurationManagerUtil {
|
||||
|
||||
public static Registry getConfigurationRegistry() throws ConfigurationManagementException {
|
||||
try {
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||
return DeviceManagementDataHolder.getInstance().getRegistryService()
|
||||
.getConfigSystemRegistry(
|
||||
tenantId);
|
||||
} catch (RegistryException e) {
|
||||
throw new ConfigurationManagementException(
|
||||
"Error in retrieving governance registry instance: " +
|
||||
e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
public static Resource getRegistryResource(String path) throws ConfigurationManagementException {
|
||||
try {
|
||||
if(ConfigurationManagerUtil.getConfigurationRegistry().resourceExists(path)){
|
||||
return ConfigurationManagerUtil.getConfigurationRegistry().get(path);
|
||||
}
|
||||
return null;
|
||||
} catch (RegistryException e) {
|
||||
throw new ConfigurationManagementException("Error in retrieving registry resource : " +
|
||||
e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
public static boolean putRegistryResource(String path,
|
||||
Resource resource)
|
||||
throws ConfigurationManagementException {
|
||||
boolean status;
|
||||
try {
|
||||
ConfigurationManagerUtil.getConfigurationRegistry().beginTransaction();
|
||||
ConfigurationManagerUtil.getConfigurationRegistry().put(path, resource);
|
||||
ConfigurationManagerUtil.getConfigurationRegistry().commitTransaction();
|
||||
status = true;
|
||||
} catch (RegistryException e) {
|
||||
throw new ConfigurationManagementException(
|
||||
"Error occurred while persisting registry resource : " +
|
||||
e.getMessage(), e);
|
||||
}
|
||||
return status;
|
||||
}
|
||||
}
|
@ -0,0 +1,96 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.policy.mgt.core.enforcement;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.dto.DeviceType;
|
||||
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
|
||||
import org.wso2.carbon.ntask.core.Task;
|
||||
import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
|
||||
import org.wso2.carbon.policy.mgt.core.cache.impl.PolicyCacheManagerImpl;
|
||||
import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder;
|
||||
import org.wso2.carbon.policy.mgt.core.mgt.PolicyManager;
|
||||
import org.wso2.carbon.policy.mgt.core.mgt.impl.PolicyManagerImpl;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class DelegationTask implements Task {
|
||||
|
||||
private static final Log log = LogFactory.getLog(DelegationTask.class);
|
||||
|
||||
@Override
|
||||
public void setProperties(Map<String, String> map) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void init() {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void execute() {
|
||||
|
||||
try {
|
||||
PolicyManager policyManager = new PolicyManagerImpl();
|
||||
List<DeviceType> deviceTypes = policyManager.applyChangesMadeToPolicies();
|
||||
|
||||
PolicyCacheManagerImpl.getInstance().rePopulateCache();
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Number of device types which policies are changed .......... : " + deviceTypes.size());
|
||||
}
|
||||
if (!deviceTypes.isEmpty()) {
|
||||
DeviceManagementProviderService service = PolicyManagementDataHolder.getInstance()
|
||||
.getDeviceManagementService();
|
||||
List<Device> devices = new ArrayList<>();
|
||||
for (DeviceType deviceType : deviceTypes) {
|
||||
try {
|
||||
devices.addAll(service.getAllDevices(deviceType.getName()));
|
||||
} catch (DeviceManagementException e) {
|
||||
throw new PolicyManagementException("Error occurred while taking the devices", e);
|
||||
}
|
||||
}
|
||||
HashMap<Integer, Integer> deviceIdPolicy = policyManager.getAppliedPolicyIdsDeviceIds();
|
||||
List<Device> toBeNotified = new ArrayList<>();
|
||||
|
||||
for (Device device : devices) {
|
||||
if (deviceIdPolicy.containsKey(device.getId())) {
|
||||
toBeNotified.add(device);
|
||||
}
|
||||
}
|
||||
if (!toBeNotified.isEmpty()) {
|
||||
PolicyEnforcementDelegator enforcementDelegator = new PolicyEnforcementDelegatorImpl(toBeNotified);
|
||||
enforcementDelegator.delegate();
|
||||
}
|
||||
}
|
||||
|
||||
} catch (PolicyManagementException e) {
|
||||
log.error("Error occurred while getting the policies applied to devices.", e);
|
||||
} catch (PolicyDelegationException e) {
|
||||
log.error("Error occurred while running the delegation task.", e);
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,136 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.wso2.carbon.policy.mgt.core;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
|
||||
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl;
|
||||
import org.wso2.carbon.ntask.common.TaskException;
|
||||
import org.wso2.carbon.ntask.core.service.TaskService;
|
||||
import org.wso2.carbon.ntask.core.service.impl.TaskServiceImpl;
|
||||
import org.wso2.carbon.policy.mgt.common.*;
|
||||
import org.wso2.carbon.policy.mgt.core.enforcement.DelegationTask;
|
||||
import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder;
|
||||
import org.wso2.carbon.policy.mgt.core.services.SimplePolicyEvaluationTest;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
public class PolicyEvaluationTestCase extends BasePolicyManagementDAOTest {
|
||||
|
||||
private static final String ANDROID = "android";
|
||||
private static final Log log = LogFactory.getLog(PolicyEvaluationTestCase.class);
|
||||
|
||||
|
||||
@BeforeClass
|
||||
@Override
|
||||
public void init() throws Exception {
|
||||
|
||||
PolicyEvaluationPoint evaluationPoint = new SimplePolicyEvaluationTest();
|
||||
PolicyManagementDataHolder.getInstance().setPolicyEvaluationPoint(evaluationPoint);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void activatePolicies() throws PolicyManagementException, TaskException {
|
||||
PolicyManagerService policyManagerService = new PolicyManagerServiceImpl();
|
||||
PolicyAdministratorPoint administratorPoint = policyManagerService.getPAP();
|
||||
|
||||
List<Policy> policies = policyManagerService.getPolicies(ANDROID);
|
||||
|
||||
for (Policy policy : policies) {
|
||||
log.debug("Policy status : " + policy.getPolicyName() + " - " + policy.isActive() + " - " + policy
|
||||
.isUpdated() + " Policy id : " + policy.getId());
|
||||
|
||||
if (!policy.isActive()) {
|
||||
administratorPoint.activatePolicy(policy.getId());
|
||||
}
|
||||
}
|
||||
// This cannot be called due to task service cannot be started from the
|
||||
//administratorPoint.publishChanges();
|
||||
}
|
||||
|
||||
@Test(dependsOnMethods = ("activatePolicies"))
|
||||
public void getEffectivePolicy() throws DeviceManagementException, PolicyEvaluationException {
|
||||
|
||||
log.debug("Getting effective policy for device started ..........");
|
||||
|
||||
DeviceManagementProviderService service = new DeviceManagementProviderServiceImpl();
|
||||
List<Device> devices = service.getAllDevices(ANDROID);
|
||||
|
||||
PolicyEvaluationPoint evaluationPoint = PolicyManagementDataHolder.getInstance().getPolicyEvaluationPoint();
|
||||
|
||||
for (Device device : devices) {
|
||||
DeviceIdentifier identifier = new DeviceIdentifier();
|
||||
identifier.setType(device.getType());
|
||||
identifier.setId(device.getDeviceIdentifier());
|
||||
Policy policy = evaluationPoint.getEffectivePolicy(identifier);
|
||||
|
||||
if (policy != null) {
|
||||
log.debug("Name of the policy applied to device is " + policy.getPolicyName());
|
||||
} else {
|
||||
log.debug("No policy is applied to device.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@Test(dependsOnMethods = ("getEffectivePolicy"))
|
||||
public void updatePriorities() throws PolicyManagementException, TaskException {
|
||||
|
||||
PolicyManagerService policyManagerService = new PolicyManagerServiceImpl();
|
||||
PolicyAdministratorPoint administratorPoint = policyManagerService.getPAP();
|
||||
|
||||
List<Policy> policies = administratorPoint.getPolicies();
|
||||
|
||||
log.debug("Re-enforcing policy started...!");
|
||||
|
||||
int sixe = policies.size();
|
||||
|
||||
sortPolicies(policies);
|
||||
int x = 0;
|
||||
for (Policy policy : policies) {
|
||||
policy.setPriorityId(sixe - x);
|
||||
x++;
|
||||
}
|
||||
|
||||
administratorPoint.updatePolicyPriorities(policies);
|
||||
// administratorPoint.publishChanges();
|
||||
}
|
||||
|
||||
|
||||
@Test(dependsOnMethods = ("updatePriorities"))
|
||||
public void checkDelegations() {
|
||||
|
||||
log.debug("Delegation methods calls started because tasks cannot be started due to osgi constraints.....!");
|
||||
|
||||
DelegationTask delegationTask = new DelegationTask();
|
||||
delegationTask.execute();
|
||||
}
|
||||
|
||||
public void sortPolicies(List<Policy> policyList) {
|
||||
Collections.sort(policyList);
|
||||
}
|
||||
}
|
@ -0,0 +1,84 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.wso2.carbon.policy.mgt.core.services;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
import org.wso2.carbon.policy.mgt.common.*;
|
||||
import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
|
||||
import org.wso2.carbon.policy.mgt.core.PolicyManagerServiceImpl;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
public class SimplePolicyEvaluationTest implements PolicyEvaluationPoint {
|
||||
|
||||
private static final Log log = LogFactory.getLog(SimplePolicyEvaluationTest.class);
|
||||
|
||||
@Override
|
||||
public Policy getEffectivePolicy(DeviceIdentifier deviceIdentifier) throws PolicyEvaluationException {
|
||||
Policy policy = new Policy();
|
||||
|
||||
List<Policy> policyList;
|
||||
PolicyAdministratorPoint policyAdministratorPoint;
|
||||
PolicyInformationPoint policyInformationPoint;
|
||||
PolicyManagerService policyManagerService = new PolicyManagerServiceImpl();
|
||||
|
||||
try {
|
||||
if (policyManagerService != null) {
|
||||
|
||||
policyInformationPoint = policyManagerService.getPIP();
|
||||
PIPDevice pipDevice = policyInformationPoint.getDeviceData(deviceIdentifier);
|
||||
policyList = policyInformationPoint.getRelatedPolicies(pipDevice);
|
||||
|
||||
for(Policy pol : policyList) {
|
||||
log.debug("Policy used in evaluation - Name : " + pol.getPolicyName() );
|
||||
}
|
||||
|
||||
sortPolicies(policyList);
|
||||
if(!policyList.isEmpty()) {
|
||||
policy = policyList.get(0);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
|
||||
policyAdministratorPoint = policyManagerService.getPAP();
|
||||
policyAdministratorPoint.setPolicyUsed(deviceIdentifier, policy);
|
||||
|
||||
}
|
||||
|
||||
} catch (PolicyManagementException e) {
|
||||
String msg = "Error occurred when retrieving the policy related data from policy management service.";
|
||||
log.error(msg, e);
|
||||
throw new PolicyEvaluationException(msg, e);
|
||||
}
|
||||
return policy;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ProfileFeature> getEffectiveFeatures(DeviceIdentifier deviceIdentifier) throws PolicyEvaluationException {
|
||||
return null;
|
||||
}
|
||||
|
||||
public void sortPolicies(List<Policy> policyList) throws PolicyEvaluationException {
|
||||
Collections.sort(policyList);
|
||||
}
|
||||
}
|
@ -0,0 +1,48 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<DeviceMgtConfiguration>
|
||||
<ManagementRepository>
|
||||
<DataSourceConfiguration>
|
||||
<JndiLookupDefinition>
|
||||
<Name>jdbc/DM_DS</Name>
|
||||
</JndiLookupDefinition>
|
||||
</DataSourceConfiguration>
|
||||
<EmailClientConfiguration>
|
||||
<minimumThread>8</minimumThread>
|
||||
<maximumThread>100</maximumThread>
|
||||
<keepAliveTime>20</keepAliveTime>
|
||||
<ThreadQueueCapacity>1000</ThreadQueueCapacity>
|
||||
</EmailClientConfiguration>
|
||||
<IdentityConfiguration>
|
||||
<ServerUrl>https://localhost:9443</ServerUrl>
|
||||
<AdminUsername>admin</AdminUsername>
|
||||
<AdminPassword>admin</AdminPassword>
|
||||
</IdentityConfiguration>
|
||||
<PolicyConfiguration>
|
||||
<monitoringClass>org.wso2.carbon.policy.mgt</monitoringClass>
|
||||
<monitoringEnable>true</monitoringEnable>
|
||||
<monitoringFrequency>60000</monitoringFrequency>
|
||||
<maxRetries>5</maxRetries>
|
||||
<minRetriesToMarkUnreachable>8</minRetriesToMarkUnreachable>
|
||||
<minRetriesToMarkInactive>20</minRetriesToMarkInactive>
|
||||
</PolicyConfiguration>
|
||||
</ManagementRepository>
|
||||
</DeviceMgtConfiguration>
|
||||
|
@ -0,0 +1,51 @@
|
||||
<tasks-configuration xmlns:svns="http://org.wso2.securevault/configuration">
|
||||
|
||||
<!--
|
||||
The currently running server mode; possible values are:-
|
||||
STANDALONE, CLUSTERED, REMOTE, AUTO.
|
||||
In AUTO mode, the server startup checks whether clustering is enabled in the system,
|
||||
if so, CLUSTERED mode will be used, or else, the the server mode will be STANDALONE.
|
||||
-->
|
||||
<taskServerMode>AUTO</taskServerMode>
|
||||
|
||||
<!--
|
||||
To be used in CLUSTERED mode to notify how many servers are there in
|
||||
the task server cluster, the servers wait till this amount of servers
|
||||
are activated before the tasks are scheduled -->
|
||||
<taskServerCount>2</taskServerCount>
|
||||
|
||||
<!-- The default location resolver configuration -->
|
||||
<defaultLocationResolver>
|
||||
<locationResolverClass>org.wso2.carbon.ntask.core.impl.RoundRobinTaskLocationResolver</locationResolverClass>
|
||||
</defaultLocationResolver>
|
||||
|
||||
<!--
|
||||
if task-type-pattern matches and task-name-pattern matches, check existing addresses of address-pattern,
|
||||
and if addresses exist, select address in round-robin fashion, if not move onto next rule in sequence.
|
||||
<property name="rule-[order]">[task-type-pattern],[task-name-pattern],[address-pattern]</property>
|
||||
-->
|
||||
<!--defaultLocationResolver>
|
||||
<locationResolverClass>org.wso2.carbon.ntask.core.impl.RuleBasedLocationResolver</locationResolverClass>
|
||||
<properties>
|
||||
<property name="rule-1">HIVE_TASK,.*,192.168.2.*</property>
|
||||
<property name="rule-5">.*,.*,.*</property>
|
||||
</properties>
|
||||
</defaultLocationResolver-->
|
||||
|
||||
<!-- The address to which the remote task server should dispatch the trigger messages to,
|
||||
usually this would be an endpoint to a load balancer -->
|
||||
<taskClientDispatchAddress>https://localhost:9448</taskClientDispatchAddress>
|
||||
|
||||
<!-- The address of the remote task server -->
|
||||
<remoteServerAddress>https://localhost:9443</remoteServerAddress>
|
||||
|
||||
<!-- The username to authenticate to the remote task server -->
|
||||
<remoteServerUsername>admin</remoteServerUsername>
|
||||
|
||||
<!-- The password to authenticate to the remote task server -->
|
||||
<remoteServerPassword>admin</remoteServerPassword>
|
||||
|
||||
<!-- Below contain a sample to be used when using with secure vault -->
|
||||
<!--remoteServerPassword svns:secretAlias="remote.task.server.password"></remoteServerPassword-->
|
||||
|
||||
</tasks-configuration>
|
@ -0,0 +1,39 @@
|
||||
<Notifications>
|
||||
<NotificationMessage type="enrol">
|
||||
<Subject>Enroll your Device with WSO2 MDM</Subject>
|
||||
<Header>Dear {first-name},</Header>
|
||||
<Body>
|
||||
You have been registered to the WSO2 MDM. Below is the link to enroll.
|
||||
</Body>
|
||||
<Url>{downloadUrl}</Url>
|
||||
<Footer1>
|
||||
Best Regards,
|
||||
</Footer1>
|
||||
<Footer2>
|
||||
WSO2 MDM Team.
|
||||
</Footer2>
|
||||
<Footer3>
|
||||
http://www.wso2.com
|
||||
</Footer3>
|
||||
</NotificationMessage>
|
||||
<NotificationMessage type="userRegistration">
|
||||
<Subject>Enroll your Device with WSO2 MDM</Subject>
|
||||
<Header>Dear {first-name},</Header>
|
||||
<Body>
|
||||
You have been registered to WSO2 MDM with following credentials.
|
||||
Username: {user-name}
|
||||
Password: {password}
|
||||
Below is the link to enroll.
|
||||
</Body>
|
||||
<Url>{downloadUrl}</Url>
|
||||
<Footer1>
|
||||
Best Regards,
|
||||
</Footer1>
|
||||
<Footer2>
|
||||
WSO2 MDM Team.
|
||||
</Footer2>
|
||||
<Footer3>
|
||||
http://www.wso2.com
|
||||
</Footer3>
|
||||
</NotificationMessage>
|
||||
</Notifications>
|
@ -0,0 +1,140 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
|
||||
|
||||
import com.nimbusds.jose.JOSEException;
|
||||
import com.nimbusds.jose.JWSVerifier;
|
||||
import com.nimbusds.jose.crypto.RSASSAVerifier;
|
||||
import com.nimbusds.jwt.SignedJWT;
|
||||
import org.apache.axiom.util.base64.Base64Utils;
|
||||
import org.apache.axis2.transport.http.HTTPConstants;
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.catalina.connector.Response;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.core.util.KeyStoreManager;
|
||||
import org.wso2.carbon.user.api.TenantManager;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
import org.wso2.carbon.user.api.UserStoreManager;
|
||||
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
|
||||
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
|
||||
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.text.ParseException;
|
||||
import java.util.StringTokenizer;
|
||||
|
||||
/**
|
||||
* This authenticator authenticates HTTP requests using JWT header.
|
||||
*/
|
||||
public class JWTAuthenticator implements WebappAuthenticator {
|
||||
|
||||
private static final Log log = LogFactory.getLog(JWTAuthenticator.class);
|
||||
public static final String SIGNED_JWT_AUTH_USERNAME = "Username";
|
||||
private static final String JWT_AUTHENTICATOR = "JWT";
|
||||
|
||||
@Override
|
||||
public boolean isAuthenticated(Request request) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Status authenticate(Request request, Response response) {
|
||||
String requestUri = request.getRequestURI();
|
||||
if (requestUri == null || "".equals(requestUri)) {
|
||||
return Status.CONTINUE;
|
||||
}
|
||||
StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
|
||||
String context = tokenizer.nextToken();
|
||||
if (context == null || "".equals(context)) {
|
||||
return Status.CONTINUE;
|
||||
}
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Authenticating using JWT header.");
|
||||
}
|
||||
|
||||
//Get the filesystem keystore default primary certificate
|
||||
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(
|
||||
MultitenantConstants.SUPER_TENANT_ID);
|
||||
try {
|
||||
keyStoreManager.getDefaultPrimaryCertificate();
|
||||
String authorizationHeader = request.getHeader(HTTPConstants.HEADER_AUTHORIZATION);
|
||||
String headerData = decodeAuthorizationHeader(authorizationHeader);
|
||||
JWSVerifier verifier =
|
||||
new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
|
||||
SignedJWT jwsObject = SignedJWT.parse(headerData);
|
||||
if (jwsObject.verify(verifier)) {
|
||||
String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME);
|
||||
String tenantDomain = MultitenantUtils.getTenantDomain(username);
|
||||
username = MultitenantUtils.getTenantAwareUsername(username);
|
||||
TenantManager tenantManager = DataHolder.getInstance().getRealmService().getTenantManager();
|
||||
int tenantId = tenantManager.getTenantId(tenantDomain);
|
||||
|
||||
if (tenantId == -1) {
|
||||
log.error("tenantDomain is not valid. username : " + username + ", tenantDomain " +
|
||||
": " + tenantDomain);
|
||||
return Status.FAILURE;
|
||||
}
|
||||
|
||||
UserStoreManager userStore = DataHolder.getInstance().getRealmService().
|
||||
getTenantUserRealm(tenantId).getUserStoreManager();
|
||||
if (userStore.isExistingUser(username)) {
|
||||
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
|
||||
ctx.setTenantId(tenantId);
|
||||
ctx.setUsername(username);
|
||||
return Status.SUCCESS;
|
||||
}
|
||||
}
|
||||
} catch (UserStoreException e) {
|
||||
log.error("Error occurred while obtaining the user.", e);
|
||||
return Status.FAILURE;
|
||||
} catch (ParseException e) {
|
||||
log.error("Error occurred while parsing the JWT header.", e);
|
||||
return Status.FAILURE;
|
||||
} catch (JOSEException e) {
|
||||
log.error("Error occurred while verifying the JWT header.", e);
|
||||
return Status.FAILURE;
|
||||
} catch (Exception e) {
|
||||
log.error("Error occurred while verifying the JWT header.", e);
|
||||
return Status.FAILURE;
|
||||
}
|
||||
return Status.CONTINUE;
|
||||
}
|
||||
|
||||
private String decodeAuthorizationHeader(String authorizationHeader) {
|
||||
String[] splitValues = authorizationHeader.trim().split(" ");
|
||||
byte[] decodedBytes = Base64Utils.decode(splitValues[1].trim());
|
||||
if (decodedBytes != null) {
|
||||
return new String(decodedBytes);
|
||||
} else {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Error decoding authorization header.");
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return JWTAuthenticator.JWT_AUTHENTICATOR;
|
||||
}
|
||||
}
|
39
components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java → components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
39
components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java → components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java
@ -0,0 +1,156 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>certificate-mgt-feature</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>org.wso2.carbon.certificate.mgt.server.feature</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<name>WSO2 Carbon - Certificate Management Server Feature</name>
|
||||
<url>http://wso2.org</url>
|
||||
<description>This feature contains the core bundles required for back-end Certificate Management functionality
|
||||
</description>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcpkix-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcmail-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.code.jscep.wso2</groupId>
|
||||
<artifactId>jscep</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-io.wso2</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang.wso2</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-codec.wso2</groupId>
|
||||
<artifactId>commons-codec</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<version>2.6</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-resources</id>
|
||||
<phase>generate-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>src/main/resources</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>resources</directory>
|
||||
<includes>
|
||||
<include>build.properties</include>
|
||||
<include>p2.inf</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.wso2.maven</groupId>
|
||||
<artifactId>carbon-p2-plugin</artifactId>
|
||||
<version>${carbon.p2.plugin.version}</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>p2-feature-generation</id>
|
||||
<phase>package</phase>
|
||||
<goals>
|
||||
<goal>p2-feature-gen</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<id>org.wso2.carbon.certificate.mgt.server</id>
|
||||
<propertiesFile>../../../features/etc/feature.properties</propertiesFile>
|
||||
<adviceFile>
|
||||
<properties>
|
||||
<propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
|
||||
<propertyDef>org.eclipse.equinox.p2.type.group:false</propertyDef>
|
||||
</properties>
|
||||
</adviceFile>
|
||||
<bundles>
|
||||
<bundleDef>
|
||||
org.wso2.carbon.devicemgt:org.wso2.carbon.certificate.mgt.core:${carbon.device.mgt.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
org.bouncycastle.wso2:bcprov-jdk15on:${bcprov.wso2.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
org.bouncycastle.wso2:bcpkix-jdk15on:${bcpkix.wso2.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
org.bouncycastle.wso2:bcmail-jdk15on:${bcmail.wso2.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
com.google.code.jscep.wso2:jscep:${jscep.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
commons-io.wso2:commons-io:${version.commons.io}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
commons-lang.wso2:commons-lang:${version.commons.lang}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
commons-codec.wso2:commons-codec:${version.commons.codec}
|
||||
</bundleDef>
|
||||
</bundles>
|
||||
<importFeatures>
|
||||
<importFeatureDef>org.wso2.carbon.core.server:${carbon.kernel.version}</importFeatureDef>
|
||||
</importFeatures>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
|
@ -0,0 +1 @@
|
||||
custom = true
|
@ -0,0 +1,19 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<CertificateConfigurations>
|
||||
<CertificateKeystore>
|
||||
<!-- Certificate Keystore file location-->
|
||||
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
|
||||
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
|
||||
<CertificateKeystoreType>JKS</CertificateKeystoreType>
|
||||
<!-- Certificate Keystore password-->
|
||||
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
|
||||
<!-- Certificate authority certificate alias -->
|
||||
<CACertAlias>cacert</CACertAlias>
|
||||
<!-- Certificate authority private key password -->
|
||||
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
|
||||
<!-- Registration authority certificate alias -->
|
||||
<RACertAlias>racert</RACertAlias>
|
||||
<!-- Registration authority private key password -->
|
||||
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
|
||||
</CertificateKeystore>
|
||||
</CertificateConfigurations>
|
Binary file not shown.
@ -0,0 +1,3 @@
|
||||
instructions.configure = \
|
||||
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/conf/wso2certs.jks,target:${installFolder}/../../resources/security/wso2certs.jks,overwrite:true);\
|
||||
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/conf/certificate-config.xml,target:${installFolder}/../../conf/certificate-config.xml,overwrite:true);\
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue